QuickTime < 7.7.1 Multiple Vulnerabilities (Windows)

This script is Copyright (C) 2011-2016 Tenable Network Security, Inc.


Synopsis :

The remote Windows host contains an application that may be affected
by multiple vulnerabilities.

Description :

The version of QuickTime installed on the remote Windows host is
older than 7.7.1 and may be affected by the following
vulnerabilities :

- A cross-site scripting issue exists in HTML files
generated by the 'Save for Web' export feature.
(CVE-2011-3218)

- A buffer overflow error exists in the handling of
H.264 encoded video files. (CVE-2011-3219)

- An error exists in the processing of URL data handlers
in movie files and can allow access to uninitialized
areas of memory. (CVE-2011-3220)

- An error exists in the handling of the 'atoms'
hierarchy as well as 'TKHD atoms' in movie files.
(CVE-2011-3221, CVE-2011-3251)

- Buffer overflow errors exist in the processing of
FlashPix, FLIC, PICT and FLC-encoded files.
(CVE-2011-3222, CVE-2011-3223, CVE-2011-3247,
CVE-2011-3249)

- An unspecified error can allow memory corruption when
viewing certain video files. (CVE-2011-3228)

- An error related to signedness exists in the handling
of font tables in QuickTime video files. (CVE-2011-3248)

- An integer overflow error exists in the handling of
JPEG2000 encoded video files. (CVE-2011-3250)

See also :

http://www.zerodayinitiative.com/advisories/ZDI-11-295/
http://www.zerodayinitiative.com/advisories/ZDI-11-303/
http://www.zerodayinitiative.com/advisories/ZDI-11-311/
http://www.zerodayinitiative.com/advisories/ZDI-11-312/
http://www.zerodayinitiative.com/advisories/ZDI-11-313/
http://www.zerodayinitiative.com/advisories/ZDI-11-314/
http://www.zerodayinitiative.com/advisories/ZDI-11-315/
http://www.zerodayinitiative.com/advisories/ZDI-11-316/
http://www.zerodayinitiative.com/advisories/ZDI-12-136/
http://www.securityfocus.com/archive/1/523931/30/0/threaded
http://support.apple.com/kb/HT5016

Solution :

Upgrade to QuickTime 7.7.1 or later.

Risk factor :

High / CVSS Base Score : 9.3
(CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 7.3
(CVSS2#E:POC/RL:OF/RC:C)
Public Exploit Available : true
